Lucene search

K
cve[email protected]CVE-2022-45358
HistoryApr 13, 2023 - 12:15 p.m.

CVE-2022-45358

2023-04-1312:15:08
CWE-79
web.nvd.nist.gov
20
cve-2022-45358
auth
subscriber+
reflected cross-site scripting
xss
silkalns activello theme

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

17.5%

Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Silkalns Activello theme <= 1.4.4 versions.

Affected configurations

Vulners
NVD
Node
silkalnsactivelloRange1.4.4

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/themes/",
    "defaultStatus": "unaffected",
    "packageName": "activello",
    "product": "Activello",
    "vendor": "Silkalns",
    "versions": [
      {
        "lessThanOrEqual": "1.4.4",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

17.5%

Related for CVE-2022-45358